cleantalk
Vulnerabilities and Security Researches

Easy Twitter Feed, CVE-2021-24413

CVE, Research URL

CVE-2021-24413

Home page URL

Security reports for Easy Twitter Feed

Application

Easy Twitter Feed

Published on
Oct 18, 2021
Research Description
The Easy Twitter Feed WordPress plugin before 1.2 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode
Affected versions
max 1.2.
Status
vulnerable
Previous vulnerability researches
Easy Twitter Feed (CVE-2026-53736) , Jun 13, 2026
Easy Twitter Feed (CVE-2024-10666) , Nov 24, 2024
Easy Twitter Feed (CVE-2021-24413) , Jun 07, 2024
New vulnerability
Error Log Monitor (CVE-2023-33999) , Jun 13, 2026
Stackable – Page Builder Gutenberg Blocks (CVE-2023-33999) , Jun 13, 2026
WordPress Translation plugin for Post, Pages & WooCommerce products. Tranzly IO AI DeepL automatic WordPress Translator. (CVE-2023-33999) , Jun 13, 2026
Divi Forms Styler – Gravity Forms, Fluent Forms & Contact Form 7 (CVE-2023-33999) , Jun 13, 2026
EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg (CVE-2023-33999) , Jun 13, 2026